“There’s so much sophistication now, they are so organised,” Mike Sentonas from Intel Security told news.com.au. “It’s a business, it’s not just a few people, it’s a process.”

“We’ve been tracking a lot of these groups for years now and they have such strong architecture it’s hard to shut it down.”

Russia has emerged as a global epicentre for criminal hackers. Nearby countries such as Ukraine and some of the Baltic States also house hacking organisations that are increasingly run like corporate enterprises.

“It’s all linked to where traditional crime has taken place with groups in Eastern Ukraine and Bulgaria,” Professor Mathew Warren from Deakin University told news.com.au. “But their activities are taking place all over the world.”

Mr Sentonas agrees that the movement of organised crime into the cyber realm has contributed to the shift towards a more sophisticated model, but he also views it as the natural evolution of a criminal industry the authorities are struggling to combat.

WATER COOLERS AND CUBICLES

The Russian group of 20 hackers believed to be responsible for the systematic bleeding of global bank accounts is the latest to be identified by authorities and is simply one in a growing number of cyber crime syndicates emanating from that part of the world.

“These are incredibly well educated people,” often facing unemployment in their home country, said Mr Sentonas. “For them it’s a way to make a bit of extra money.”

The “industry” has not only seen an explosion in numbers, but also in its level of organisation. Much of the public imagination that exists around hackers is of rogue, faceless individuals sitting alone in a basement. But most modern operations are more likely to resemble a bureaucratic business with a very structured workplace.

Authorities are facing an uphill battle in their attempts to track and prosecute organisation involved in this kind of activity.

“The chances of getting caught are so small,” Professor Warren told news.com.au. “And it’s very hard to extradite people for cyber crime.”

“And even if you do, the penalties are weak,” Mr Sentonas said.

The group of 20 hackers are thought to have targeted the internal computing systems of the world’s banks. A similar strategy was used by a group of Russian hackers known as Carbanak who were “unmasked” by Kaspersky Lab earlier in the year.

The group would first infect a computer at a bank with malware that gave the hackers remote access to the computer. They would then watch and record everything as the employees go about their daily job. Once they learned how the bank’s computing system worked, they knew how to mimic the staff in order to transfer the money out.

For instance, in some cases the hackers would take control of an individual’s bank account that contained $2,000 and then change it so it had $20,000 in the account. Then they would transfer $18,000 to their own accounts and the customer would not notice anything missing.

In other cases, money was simply stolen and transferred into bank accounts in China.

The Carbanak group also seized control of the ATMs and programmed them to dispense money at a particular time while a member of the organisation waited on standby.

As a rule, such crimes are preceded by many months of preparation.

Hackers use malware to take control of the bank’s computes.Source:YouTube

The difficulty in policing and thwarting such operations is massive.

“We’ve been tracking some of the groups for years,” said Mr Sentonas. Often the sophistication of their architecture is at such a level that it allows them to disperse their activity across global networks and continue to operate when certain servers get shut down.

“It’s a cat-and-mouse game,” he said. And one where police and security companies are often forced to play catch up.

“There’s a lot of conversations now saying it’s a huge problem, but I think it has been so for a while,” Mr Sentonas said.

However he is optimistic about the state of the cyber security industry and said an increased focus on collaboration in recent times has yielded positive results.

“We’re learning how to work together.”

By its very nature, the extent of the threat and the scale of activity conducted by these cyber crime companies remains unknown. Some individuals who are victims of malware and ransomware attacks don’t go to the police, some companies don’t want to divulge the fact they’ve been hacked, and some cases simply go undetected for a long time.

“In my opinion it is well underestimated,” Mr Sentonas. “It’s not like they’re not reporting their earnings.”